CatchPhish: detection of phishing websites by inspecting URLs

Rao, Routhu Srinivasa; Vaishnavi, Tatti; Pais, Alwyn Roshan

doi:10.1007/s12652-019-01311-4

Cited by 86 publications

(80 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Sahingoz et al [7] and Rao et al [6], heuristic-based features are extracted from different parts of the URL and fed to a machine learning algorithm i.e., random forest (RF) to reveal the legitimacy of the URL. Jain et al [31] present a two-level validation approach of phishing detection using third-party services and webpage contents.…”

Section: Hybrid Method-based Detectionmentioning

confidence: 99%

“…However, this method supposes that phishing web pages only use benign page content, which does not apply in practice. Recently, Rao et al [6] proposed a light-weight application, CatchPhish which predicts the URL legitimacy without visiting the content of the website. The proposed model extracts hand-crafted and Term Frequency-Inverse Document Frequency (TF-IDF) features from the suspicious URL for classification using the random forest classifier.…”

Section: Machine Learning-based Detectionmentioning

confidence: 99%

“…• Word level TF-IDF: Matrix representing TF-IDF scores of every term in different documents. It is noted that TF-IDF has been applied in several works to detect phishing of websites by inspecting URLs [6], to get the indirect associated links [34], target website [22], and legitimacy of suspicious website [21]. Although TF-IDF extracts eminent keywords from the textual content, it has some restrictions.…”

Section: Character Level Tf-idf Featuresmentioning

confidence: 99%

“…In this part, we compare the methods of Sahingoz et al [7], Rao et al [6], and Le et al [28] with our proposed method in order to evaluate the effectiveness of our model. Notice that we have implemented Hung Le et al [28] on dataset D2 whereas for comparison of the proposed method with Sahingoz et al [7] and Routhu et al [6], we applied our model on their datasets-D2, D3, and D4. The reason behind the comparison with these works is due to the similarity in phishing detection techniques.…”

Section: Comparison Of Proposed Model With Existing Baselinesmentioning

confidence: 99%

“…Machine learning techniques have also been used to investigate the URL of the web page with different hand-crafted feature sets in order to refine detection efficiency [6,7]. The URLs are first analyzed to perform the feature adaptation from phishing websites.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

An Effective Phishing Detection Model Based on Character Level Convolutional Neural Network from URL

Aljofey

Jiang

et al. 2020

Electronics

View full text Add to dashboard Cite

Phishing is the easiest way to use cybercrime with the aim of enticing people to give accurate information such as account IDs, bank details, and passwords. This type of cyberattack is usually triggered by emails, instant messages, or phone calls. The existing anti-phishing techniques are mainly based on source code features, which require to scrape the content of web pages, and on third-party services which retard the classification process of phishing URLs. Although the machine learning techniques have lately been used to detect phishing, they require essential manual feature engineering and are not an expert at detecting emerging phishing offenses. Due to the recent rapid development of deep learning techniques, many deep learning-based methods have also been introduced to enhance the classification performance. In this paper, a fast deep learning-based solution model, which uses character-level convolutional neural network (CNN) for phishing detection based on the URL of the website, is proposed. The proposed model does not require the retrieval of target website content or the use of any third-party services. It captures information and sequential patterns of URL strings without requiring a prior knowledge about phishing, and then uses the sequential pattern features for fast classification of the actual URL. For evaluations, comparisons are provided between different traditional machine learning models and deep learning models using various feature sets such as hand-crafted, character embedding, character level TF-IDF, and character level count vectors features. According to the experiments, the proposed model achieved an accuracy of 95.02% on our dataset and an accuracy of 98.58%, 95.46%, and 95.22% on benchmark datasets which outperform the existing phishing URL models.

show abstract

Section: Hybrid Method-based Detectionmentioning

confidence: 99%

Section: Machine Learning-based Detectionmentioning

confidence: 99%

Section: Character Level Tf-idf Featuresmentioning

confidence: 99%

Section: Comparison Of Proposed Model With Existing Baselinesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An Effective Phishing Detection Model Based on Character Level Convolutional Neural Network from URL

Aljofey

Jiang

et al. 2020

Electronics

View full text Add to dashboard Cite

show abstract

AI‐Enabled Threat Detection and Security Analysis

Saran Kumar,

Priyanka,

Praveen

et al. 2023

Wireless Communication for Cybersecurity

View full text Add to dashboard Cite

An improved anti‐phishing model utilizing TF‐IDF and AdaBoost

Sharma¹,

Singh

2022

Concurrency and Computation

View full text Add to dashboard Cite

Summary A behavior over the internet, which results into false utilization of the resources is termed as phishing and the techniques to identify them are termed as anti‐phishing frames and algorithms. This research work introduces a new relative similarity approach utilizing similarity index co‐relation by applying Cosine similarity. In order to incorporate the co‐relation, term frequency and inverse document frequency (TF‐IDF) is also calculated. AdaBoost is employed to improve the classification accuracy of the proposed work by means of enhancing the performance of weak learner to classify website into legitimate and phishing one. The simulation analysis has shown that the proposed work outperformed the existing works in terms of accuracy, TPR, and precision of detecting phishing sites to offer secure browsing. Overall model evaluation against 50,000 URL instances have demonstrated an average precision, TPR, F‐measure, accuracy and execution time of 98.64%, 96.52%, 97.56%, 98.014%, and 3.485 s, respectively for phishing detection. This proves the success of the proposed model in shielding phishing attack.

show abstract

CatchPhish: detection of phishing websites by inspecting URLs

Cited by 86 publications

References 42 publications

An Effective Phishing Detection Model Based on Character Level Convolutional Neural Network from URL

An Effective Phishing Detection Model Based on Character Level Convolutional Neural Network from URL

AI‐Enabled Threat Detection and Security Analysis

An improved anti‐phishing model utilizing TF‐IDF and AdaBoost

Contact Info

Product

Resources

About